General

  • Target

    fe720b80fb551038a96b25d053de84471e1e0a2b5d7d2f6e6e9fb75f5fac4208.exe

  • Size

    537KB

  • Sample

    241218-krr7jatkep

  • MD5

    c375d4df72db4346c927e61e038d7293

  • SHA1

    f9f2365052c40a748af776bb4b2a67e527078135

  • SHA256

    fe720b80fb551038a96b25d053de84471e1e0a2b5d7d2f6e6e9fb75f5fac4208

  • SHA512

    2b5daf9e2478e84fc1d211fe06341c43cb43828d79789ca78b1d0036dcbf531ee58df2793f3477f741f016560b47644b762d5f007e9b4022a7de36f78a61e254

  • SSDEEP

    12288:m12oDPintVOw0BI/1roSeT4T6XgxSTbjZkQlf/U6MRMP6s3+J3QlnioJbKXs7gGK:mIePitVOw0lT4T6OSTbjZkQlf/U6MRMw

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar data.
